Re: Review Request 37186: Ambari omits the line to enable kerberos on the Spark History Service

Robert Levas Thu, 06 Aug 2015 07:41:26 -0700

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/37186/
-----------------------------------------------------------


(Updated Aug. 6, 2015, 10:40 a.m.)


Review request for Ambari, Mahadev Konar and Robert Nettleton.


Bugs: AMBARI-12284
    https://issues.apache.org/jira/browse/AMBARI-12284


Repository: ambari


Description
-------

When Ambari sets up a secure spark cluster, it doesn't set

This will still fail tests unless the line
```
spark.history.kerberos.enabled true
```
is added to `spark-defaults.conf`

without this the Spark History Service will not log in with the keytab, and so 
not set up a long-lived secure connection to a Yarn History Server with 
encryption on.

This isn't immediately visible (and hard to sport in the tests), because if the 
user spark has logged in with `kinit`, the TGT is picked up and used — which 
works until the ticket expires.


Diffs
-----

  
ambari-server/src/main/resources/common-services/SPARK/1.2.0.2.2/kerberos.json 
60c9bfa 

Diff: https://reviews.apache.org/r/37186/diff/


Testing (updated)
-------

#Jenkins test result: PENDING


Thanks,

Robert Levas

Re: Review Request 37186: Ambari omits the line to enable kerberos on the Spark History Service

Reply via email to